Image: — © AFP/File Noel Celis

As attackers pivot from breaching individual companies to compromising trusted providers, software dependencies, and integration platforms, supply chains will emerge as the most efficient access point into modern enterprises.

To learn more, Digital Journal spoke with AttackIQ Field CISO Pete Luban on the threat shifts that will define cybersecurity strategy in 2026. His perspective focuses on how adversaries are evolving faster than most defences, forcing organizations to rethink trust, resilience, and how they learn from attacks.

Supply chains will become the #1 access point for adversaries

According to Luban: “When the SolarWinds attack hit in 2020, few realized it would mark the start of a new era in cyber risk. Five years later, the ripple effects are everywhere. Attackers have learned a simple truth: why break into 1,000 companies when you can hit one trusted provider and reach them all?”

As to what the future holds, Luben thinks: “In 2026, that playbook will reach its peak. Adversaries are turning their focus to the glue that holds modern business together, from software dependencies to service providers and integration platforms that connect entire ecosystems. One compromise in that chain can expose thousands of organizations overnight.”

Furthermore, Luben states: “This will be the year companies either gain true visibility into their supply chains or keep learning the hard way what blind trust costs. Annual questionnaires won’t cut it anymore. The lesson will be simple: you can’t secure what you can’t see.”

Cybercrime will go corporate

One the topic of attacks on businesses, Luben sees: “Adversarial groups will operate more like legitimate enterprises than underground networks in 2026.”

As examples he mentions: “We’re already seeing Scattered Spider, RomCom, and the Lazarus Group establish corporate-level structures, complete with R&D cycles that treat each breach as a learning opportunity. They’re iterating, refining, and returning with better tactics. Add AI-powered reconnaissance and attack automation, and you’ve got adversaries who can adapt faster than most defenders can patch.

The scary part isn’t just their sophistication, it’s their efficiency. The organizations that keep up won’t necessarily be the ones spending the most, but the ones treating threat intelligence as a business function. The winners will learn from every incident, operationalize those lessons quickly, and out-innovate attackers at their own game.”

As for next year: “In 2026, cybercrime becomes industrialized, and survival depends on learning faster than the enemy.”

The industry’s obsession with “converged” platforms will finally break

According to Luben: “2026 is the year security leaders stop pretending one platform can do it all.”

In terms of examples: “The AWS and Microsoft outages in late October 2025 exposed what many CISOs had quietly feared for years: when your single provider goes down, your entire operation flatlines.”

This leads Luben to caution: “We’ve hit the limit of convenience. Translation layers between tools that were never meant to talk to each other are creating more problems than they solve. The new reality is that best-of-breed architectures are back, not because they’re trendy but because they’re resilient.”

And for next year? “In 2026, the market will correct itself. Vendors still chasing total platform domination will feel the impact when renewal conversations begin.”

Dr. Tim Sandle is Digital Journal’s Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.